280 likes | 285 Vues
Internal Controls. USF PCI compliance. Visit the training website Review the Payment Card Industry (PCI) documentation Take the PCI certification quiz All must re-train and successfully pass the PCI quiz annually; testing is designed on a calendar year basis
E N D
USF PCI compliance • Visit the training website • Review the Payment Card Industry (PCI) documentation • Take the PCI certification quiz • All must re-train and successfully pass the PCI quiz annually; testing is designed on a calendar year basis • This is a requirement for USF to be in compliance with PCI standards and certification
USF Cash Collections Certification • Visit the training website • Review the Cash Collections documentation • Take the cash collections certification quiz • All new cash handlers must train and pass the test immediately after hire • All cash handlers must re-train and pass the test annually
Our purpose today • Collaborative presentation of cash collection practices and reconciliation • Addressing cash, bank cards, and e-checks • Supports building knowledge for everyone involved
Accountability and internal controls Separation of duties concepts Helpful resources General Concepts
Accountability – What is it? • Delegation of authority to qualified persons to: • Initiate, approve, process and review business transactions • Holding these persons responsible for: • The validity, correctness and appropriateness of their actions
Good Business Practice • Become familiar with the USF policy regarding fraud prevention and detection • http://generalcounsel.usf.edu
Internal Controls • Protect • USF • USF staff • Are designed to provide reasonable assurance regarding: • Effectiveness and efficiency of operations • Reliability of reporting • Compliance with applicable rules, laws, and regulations
Internal Controls as They RelateTo Cash Management • Internal controls specifically ensure: • The safety of all funds • The timeliness of recording the receipt of all funds • That assignment of duties complies with separation of duties guidelines • That reconciliations are completed and reviewed on a monthly schedule • A sound audit trail and adequate documentation are created • Find specifics on internal controls on: • www.usf.edu/businessprocesses
Separation Of Duties Separation of duties protects USF and the individual by ensuring that no one person has the ability to control all of the steps involved in handling and accounting for money received by USF.
Four Functions • The four functions are: • Custody • Record Keeping • Authorization • Reconciliation • The ideal is that any one person performs only one function; four people are needed for the four functions
When Segregation Is Not Possible • If one person performs two or more of the functions: • Risk exists that presents the opportunity for something to go wrong • A compensating control is needed to reduce the risk • The compensating control might be an extra layer of review
When Segregation Is Not Possible • Examples of compensating controls may include: • A manager may perform a high level of review of detailed transaction reports • A manager may periodically sample transactions and request supporting documentation to ensure the transactions are complete, appropriate, and accurate. • Someone from an another area may perform an external review of a reconciliation. For instance two departments within a college may share responsibility to review each others reconciliations. • Some colleges and units have a centralized business services department
Custody • Having access to or control over any physical asset • Custodians: • Collect and handle payments • Prepare deposits • Have access to safes, lock boxes, & file cabinets where funds are kept
Record Keeping - Definition • Record keeping is the process of creating and maintaining official records • Record keeping may occur manually or through an automated data system
Record Keeping – Examples at USF • Customer receipts • Deposit slips • Credit card receipts • Cash register reports • EFT (electronic funds) payment documents • Balancing and reconciliation reports
Record Keeping - Retention • Observe record retention requirements • Find information on Online Business Processes • Also find information on the Purchasing web site • Records serve multiple needs • Compliance with best business practices • Helpful in researching a question
Authorization • Authorization is the process of granting formal approval to perform a specific function • For example, someone must be authorized in order to perform one of the following functions: • Verify cash collections • Review daily balancing reports • Approve discounts, voids, or refunds
Authorization • The person who originally created a transaction should not be: • The one who makes a correction • The one who creates a void • The one who creates/approves a refund • The best practice is to have a supervisor take these actions
Reconciliation & Balancing • Reconciliation in FAST and Finance Mart
What Do We Reconcile? • Point of sale transactions ( POS ) • Bank card payments • E check payments • Transaction posting in FAST and FM • Inventory
Transaction Reconciliation • Finance Mart is the official reporting system • Confirm that correct chart fields were used • Submit corrections immediately • Confirm that corrections posted correctly • Find detail in FAST or OASIS
Reconciliation - Guidelines • Reconciliation must be performed by a person with no cash handling responsibilities • The reconciliation must be dated and signed or initialed • The reconciliation should be reviewed by an independent party • The prescribed procedure should be followed; find reconciliation resources on the UCO web site
Custody – System Passwords • Every person must have their own password • Passwords must never be shared • Don’t write your passwords down • If you need to leave the work area, sign off your password; log back on when you return
Custody – System Passwords • Passwords should be changed periodically • Passwords should be inactivated whenever a custodian vacates the position
Resources • Office of University Audit & Compliance • Generalcounsel.usf.edu • Online Business Processes • http://www.usf.edu/businessprocesses • Controller Office (look for training) • http://www.usf.edu/business-finance/controller
Contacts • JonathanAndrews • 974.5748andrews5@usf.edu • Cherie Carson • 974.7686 carsonc@usf.edu • Jamie Roman • 974.6043 romanj@usf.edu • Noemi Merced • 974.4914 nmerced@usf.edu